Plugin v1.0.1
ClawScan security
PDF Toolkit · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 18, 2026, 2:00 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The plugin's code, SKILL.md, and manifest consistently implement a PDF toolkit that sends files to PDFAPIHub and requires an API key — this behavior matches the stated purpose, but you should be aware files are uploaded to a third-party service and retained for 30 days.
- Guidance: This plugin sends any files you process to a third-party service (pdfapihub.com) and stores them for up to 30 days — do not upload highly sensitive data unless you trust PDFAPIHub and its retention/processing policy. Provide only the PDFAPIHUB_API_KEY (or set config.apiKey) as required; do not reuse high-privilege or unrelated credentials. Confirm the plugin source (https://pdfapihub.com and the GitHub repo claimed) and, if concerned, test with non-sensitive sample files first. If you want lower risk, avoid uploading private documents or disable the plugin's autonomous invocation in agent settings before using.
Review Dimensions
- Purpose & Capability (ok): The plugin advertises a large set of PDF operations and the code implements calls to https://pdfapihub.com/api for those operations. Requiring an API key to call a third-party PDF processing service is coherent with the stated purpose.
- Instruction Scope (ok): SKILL.md and index.ts clearly instruct the plugin to send content to PDFAPIHub and to use a configured apiKey. The instructions do not ask the agent to read unrelated local files, secrets, or system paths beyond using the configured API key. The SKILL.md explicitly warns files are uploaded and retained for 30 days — this is transparent and matches the implementation.
- Install Mechanism (ok): There is no download-or-extract install step; the repository contains a TypeScript extension (index.ts) and SKILL.md. No external installers, remote archives, or unusual URLs are used in the install process.
- Credentials (note): The plugin legitimately requires a single API key (PDFAPIHUB_API_KEY / config.apiKey). That is proportionate. There is a minor metadata inconsistency: the top-level registry summary provided with the skill indicated 'required env vars: none', while openclaw.plugin.json and the SKILL.md require the apiKey/primaryEnv — this appears to be a packaging/metadata mismatch rather than malicious behavior.
- Persistence & Privilege (ok): always:false and default autonomous invocation are used. The plugin does not request persistent system privileges or attempt to modify other plugins' configs. Autonomous invocation is the platform default; combined with this plugin's limited scope it is not an extra risk by itself.
